Former MI5 Boss: "I'm Not One of Those Who Believes We Should Weaken Encryption"

By Tom Pritchard on at

When it comes to the topic of encryption, or more specifically encrypted messaging services like WhatsApp, our government doesn't have the best track record.

Every time something bad happens Amber Rudd starts wasting oxygen with a bunch of ignorant comments. The current head of MI5 actually said these services keep terrorists safe, while the GCHQ believes that governments should have the final say, not tech companies. Presumably because our government wants a string of backdoors that would let its agents spy on people more easily.

So it may be surprising to hear that Jonathan Evans, who was Director-General of MI5 until 2013, is against weakening encryption.

He said the following when speaking to Frank Gardener on this morning's Today Programme on BBC Radio 4:

You wrote just over two years ago in a national newspaper that you feared that, actually, the intelligence agencies were not keeping up with the pace of encryption and tools at the disposal of terrorists, and criminals, and drug runners etc. Do you still feel that now? That the agencies that are trying to keep this country safe are losing the battle against whether its cyber criminals or organised criminals, terrorism.

I don't think we're losing the race, I think that it is a race and we have to keep moving forward rapidly unless we are going to slip back. There are some capabilities that do get eroded, and I think the widespread use of encryption has reduced the ability of the agencies to police, to access the content of the materials.

I'm not personally one of those who believes we should weaken encryption, because I think there is a parallel issue which is cybersecurity more broadly. Whilst, understandably, there is a very acute concern about counter-terrorism, it's not the only national security threat that we face. And I think the way cyberspace is being used by criminals, and by governments, is a potential threat to the UK's interests more widely - and it's very important that we should be seen and be a country where people can operate securely. And that's very important for our commercial interests, as well as our national security interests, so encryption is very positive.

It's a surprisingly thought out and balanced answer, which is a nice change of pace. To summarise, while Evans believes encryption has made it harder for law enforcement and security services to fight terrorism, terrorists are not the only threat faced by the UK. Evans believes Cybersecurity is important and in the UK's best interests, so weakening encryption is counter-productive from this perspective.

Evans also spoke about the threat of a cyber attack against the increasing number of networked devices, better known as the Internet of Things:

"As our vehicles, air transport, our critical infrastructure is resting critically on the internet, we need to be really confident that we have secured that because our economic and daily lives are going to be dependent on the security we can put in to protect us from cyber-attack."

Exploiting the IoT's poor security isn't exactly unheard of, to the point where governments are crafting legislation to force tech companies to sort their shit out.

Today's interview isn't the first time Evans has spoken out against weakening encryption either. Back in 2015 he told Business Insider that while British surveillance laws needed updating, he didn't believe that inserting backdoors into encrypted services was the answer. Mainly because there was the high risk that they could be exploited by others.

It's ironic that his prediction rang true, what with the spread of the WannaCry ransomware earlier this year. A spread that took advantage EternalBlue, the Windows backdoor that is widely believed to have been developed by the NSA.

Featured image: MI5

More Security Posts: